> On 21 Dec 2018, at 21:42, horrido <horrido.hobb...@gmail.com> wrote:
>
> Okay, I will dispense with the self-signed certificate and purchase a
> commercial one, say, from Comodo (PositiveSSL).
But you cannot buy a certificate for localhost, only for a real domain name
(that you host for real).
> I presume once I get it, the code below will work correctly (?). If not,
> I'll be back.
Linux only, I would say.
If you want to deploy for real, in some form of production, put nginx in front
of pharo (as a proxy). That will work infinitely better and easier.
> Sven Van Caekenberghe-2 wrote
>>> On 20 Dec 2018, at 22:09, horrido <
>
>> horrido.hobbies@
>
>> > wrote:
>>>
>>> I had this working some many months ago, but now I can't get it to work.
>>> Really annoying. The entire process is so arcane...
>>>
>>> My HTTP server starts like this:
>>>
>>> Teapot stopAll.
>>> Teapot on
>>> Get: blah blah blah
>>>
>>> Then I visit http://localhost:1701/.
>>>
>>> I created a self-signed cert called newcert.pem. My HTTPS server starts
>>> like
>>> this:
>>>
>>> Teapot stopAll.
>>> secureServer := (ZnSecureServer on: 1443)
>>> certificate: '/home/richard/newcert.pem';
>>> logToTranscript;
>>> start;
>>> yourself.
>>> teapot := Teapot configure: { #znServer -> secureServer }.
>>> teapot
>>> Get: blah blah blah
>>>
>>> When I visit https://localhost/, I get "Unable to connect". I tried
>>> localhost:1701, localhost:1443, just about every damn port number I can
>>> think of. No joy.
>>>
>>> So what the devil am I doing wrong???
>>
>> First, this only works for Linux (as far as I know, have experienced,
>> others have reported differently).
>>
>> Second, a self-signed certificate is considered insecure (more so
>> nowadays), so you will have to force your browser to continue through lots
>> of scary warnings.
>>
>> I just tried in Ubuntu 18.04.O1 LTS 64-bit, using Pharo 7 and FireFox, and
>> it worked.
>>
>> As an aside, I would not do stuff like this, SSL is no joke, it is serious
>> business: a certificate means something for real. This is not something
>> you slam on for fun in a demo. In production systems, it is much better to
>> put nginx or something like that in front of your app to add high quality
>> ssl (with infinitely more documentation, options, users, experience, etc
>> ...), but even there a quick and dirty self signed certificate won't get
>> you very far.
>>
>> Sven
>
>
>
>
>
> --
> Sent from: http://forum.world.st/Pharo-Smalltalk-Users-f1310670.html
>
